Vulnerabilities > Goabode > High

DATE CVE VULNERABILITY TITLE RISK
2022-10-25 CVE-2022-35885 Use of Externally-Controlled Format String vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-134
8.8
8.8
2022-10-25 CVE-2022-35886 Use of Externally-Controlled Format String vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-134
8.8
8.8
2022-10-25 CVE-2022-35887 Use of Externally-Controlled Format String vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z
Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect functionality of Abode Systems, Inc.
network
low complexity
goabode CWE-134
8.8
8.8
2021-12-20 CVE-2020-8105 OS Command Injection vulnerability in Goabode Iota All-In-One Security KIT Firmware
OS Command Injection vulnerability in the wirelessConnect handler of Abode iota All-In-One Security Kit allows an attacker to inject commands and gain root access.
local
low complexity
goabode CWE-78
7.2
7.2